SMEs 'leaving themselves wide open to cyber attacks'

DataIQ News

8th August 2017

Nearly half of all UK small and medium sized enterprises (SMEs) plan to spend less than £1,000 on cyber security measures in the next 12 months, despite almost one in five being the victim of a cyber-attack in the past year.

The latest Zurich SME Risk Index shows that 875,000 of the 5.5 million small businesses in the UK were the victim of a cyber security incident in the last 12 months. Companies in London were most commonly affected at 23%.

Despite cyber-attacks becoming more common and increasingly severe, only 29% of those surveyed said they were planning to spend more than £1,000 on defences in the next year and 22% were not sure how much they would be spending. Of those companies who had fallen victim to a cyber attack, 21% said it had cost them more than £10,000, and 11% said that it had cost more than £50,000.

Zurich says those who implement security measures can gain a competitive advantage, with increasing numbers of firms are being asked to provide details of their existing protection against cyber-crime, by either a current or a prospective customer.

A quarter of companies between 50 and 249 staff said that they had been asked directly. Of those with fewer than 50 employees just 11% were asked.

Paul Tombs, head of SMB proposition at Zurich, said: "While recent cyber-attacks have highlighted the importance of cyber security for some of the world's biggest companies, it's important to remember that small and medium sized businesses need to protect themselves too.

"The results suggest that SMEs are not yet heeding the warnings provided by large attacks on global businesses."